/*
 * Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2015 The ZAP Development Team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.parosproxy.paros.db.paros;

import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import org.parosproxy.paros.db.DatabaseException;
import org.parosproxy.paros.db.DbUtils;
import org.parosproxy.paros.db.RecordParam;
import org.parosproxy.paros.db.TableParam;

public class ParosTableParam extends ParosAbstractTable implements TableParam {

    private static final String TABLE_NAME = "PARAM";

    private static final String PARAMID = "PARAMID";
    private static final String SITE = "SITE";
    private static final String TYPE = "TYPE";
    private static final String NAME = "NAME";
    private static final String USED = "USED";
    private static final String FLAGS = "FLAGS";
    private static final String VALUES = "VALS";

    private PreparedStatement psRead = null;
    private PreparedStatement psInsert = null;
    private CallableStatement psGetIdLastInsert = null;
    private PreparedStatement psUpdate = null;
    private PreparedStatement psGetAll = null;

    public ParosTableParam() {}

    @Override
    protected void reconnect(Connection conn) throws DatabaseException {
        try {
            if (!DbUtils.hasTable(conn, TABLE_NAME)) {
                // Need to create the table
                DbUtils.execute(
                        conn,
                        "CREATE cached TABLE PARAM (paramid bigint generated by default as identity (start with 1), site varchar(32768) not null, "
                                + "type varchar(32768) not null, name varchar(32768) not null, used int not null, flags varchar(32768) not null, vals varchar(8388608) not null)");
            }

            psRead = conn.prepareStatement("SELECT * FROM PARAM WHERE " + PARAMID + " = ?");

            psInsert =
                    conn.prepareStatement(
                            "INSERT INTO PARAM ("
                                    + SITE
                                    + ","
                                    + TYPE
                                    + ","
                                    + NAME
                                    + ","
                                    + USED
                                    + ","
                                    + FLAGS
                                    + ","
                                    + VALUES
                                    + ") VALUES (?, ?, ?, ?, ?, ?)");
            psGetIdLastInsert = conn.prepareCall("CALL IDENTITY();");

            psUpdate =
                    conn.prepareStatement(
                            "UPDATE PARAM SET "
                                    + USED
                                    + " = ?,"
                                    + FLAGS
                                    + " = ?,"
                                    + VALUES
                                    + " = ? "
                                    + "WHERE "
                                    + PARAMID
                                    + " = ?");

            psGetAll = conn.prepareStatement("SELECT * FROM PARAM");
        } catch (SQLException e) {
            throw new DatabaseException(e);
        }
    }

    @Override
    public synchronized RecordParam read(long urlId) throws DatabaseException {
        try {
            psRead.setLong(1, urlId);

            try (ResultSet rs = psRead.executeQuery()) {
                RecordParam result = build(rs);
                return result;
            }
        } catch (SQLException e) {
            throw new DatabaseException(e);
        }
    }

    @Override
    public List<RecordParam> getAll() throws DatabaseException {
        try {
            List<RecordParam> result = new ArrayList<>();
            try (ResultSet rs = psGetAll.executeQuery()) {
                while (rs.next()) {
                    result.add(
                            new RecordParam(
                                    rs.getLong(PARAMID),
                                    rs.getString(SITE),
                                    rs.getString(TYPE),
                                    rs.getString(NAME),
                                    rs.getInt(USED),
                                    rs.getString(FLAGS),
                                    rs.getString(VALUES)));
                }
            }

            return result;
        } catch (SQLException e) {
            throw new DatabaseException(e);
        }
    }

    @Override
    public synchronized RecordParam insert(
            String site, String type, String name, int used, String flags, String values)
            throws DatabaseException {
        try {
            psInsert.setString(1, site);
            psInsert.setString(2, type);
            psInsert.setString(3, name);
            psInsert.setInt(4, used);
            psInsert.setString(5, flags);
            psInsert.setString(6, values);
            psInsert.executeUpdate();

            long id;
            try (ResultSet rs = psGetIdLastInsert.executeQuery()) {
                rs.next();
                id = rs.getLong(1);
            }
            return read(id);
        } catch (SQLException e) {
            throw new DatabaseException(e);
        }
    }

    @Override
    public synchronized void update(long paramId, int used, String flags, String values)
            throws DatabaseException {
        try {
            psUpdate.setInt(1, used);
            psUpdate.setString(2, flags);
            psUpdate.setString(3, values);
            psUpdate.setLong(4, paramId);
            psUpdate.executeUpdate();
        } catch (SQLException e) {
            throw new DatabaseException(e);
        }
    }

    private RecordParam build(ResultSet rs) throws DatabaseException {
        try {
            RecordParam rt = null;
            if (rs.next()) {
                rt =
                        new RecordParam(
                                rs.getLong(PARAMID),
                                rs.getString(SITE),
                                rs.getString(TYPE),
                                rs.getString(NAME),
                                rs.getInt(USED),
                                rs.getString(FLAGS),
                                rs.getString(VALUES));
            }
            return rt;
        } catch (SQLException e) {
            throw new DatabaseException(e);
        }
    }
}
